Post by debbiekipt » Fri Sep 30, 2016 10:51 pm

Hi
I noticed my multistores on my 1.5.6.4 OC shop running very slowly today.
The main shop scored A/C in GTMetrix and 100% on minimise redirects last time I checked, but a fresh GTMetrix check now comes back with dozens of unknown redirects and, subsequently, a score of C/D, with 30 unknown redirects showing for all my most popular product pages, for all sites!

Example below of one:

Minimize redirects

Remove the following redirect chain if possible:
http://vmweb.net/beacon/sharethis?partn ... AZRoRdAg==
http://sync.vmweb.net/sync/sharethis?pa ... 3d066b33a2
http://sync.vmweb.net/sync/match?vuid=b ... 3d066b33a2
http://lib.adnxs.com/getuid?http%3A%2F% ... 26redir%3D
http://lib.adnxs.com/bounce?%2Fgetuid%3 ... redir%253D
http://sync.vmweb.net/sync/match?partne ... 3a2&redir=
http://cm.g.doubleclick.net/pixel?partn ... 3a2&redir=
http://cm.g.doubleclick.net/pixel?partn ... google_tc=
http://sync.vmweb.net/sync/doubleclick? ... gle_cver=1

Remove the following redirect chain if possible:
http://aa.agkn.com/adscores/r.pixel?sid ... AZRoRdAg==
http://aa.agkn.com/adscores/g.js?sid=8301517388
http://d.agkn.com/pixel/6644/?che=14751 ... =&cf=&ams=

Remove the following redirect chain if possible:
http://match.adsrvr.org/track/cmf/gener ... &ttd_tpi=1
http://match.adsrvr.org/track/cmb/gener ... &ttd_tpi=1
http://sync.sharethis.com/ttd?uid=9a6e1 ... a79a31fabd

Remove the following redirect chain if possible:
https://tag.crsspxl.com/c.gif?t=50173&r ... %7BCPCB%7D
https://p.nexac.com/e/sr/a-1625/s-3300/ ... 5144668544
https://p.nexac.com/e/sr/a-1625/s-3300/ ... 68544&rd=Y

Remove the following redirect chain if possible:
http://b.scorecardresearch.com/b?c1=7&c ... =2.2&cs=js
http://b.scorecardresearch.com/b2?c1=7& ... =2.2&cs=js

Remove the following redirect chain if possible:
http://bcp.crwdcntrl.net/map/c=9084/tp= ... AZRoRdAg==
http://bcp.crwdcntrl.net/map/ct=y/c=908 ... AZRoRdAg==

Remove the following redirect chain if possible:
http://image7.pubmatic.com/AdServer/UCookieSetPug?oid=4
http://image7.pubmatic.com/AdServer/UCo ... id=4&rdf=1

Remove the following redirect chain if possible:
http://pix04.revsci.net/J13421/a3/0/3/0 ... AZRoRdAg==
http://pix04.revsci.net/J13421/a3/Z/3/0 ... oGkY0ZEToA

Remove the following redirect chain if possible:
http://ps.eyeota.net/match?bid=1mpb5m0& ... AZRoRdAg==
http://ps.eyeota.net/match/bounce/?bid= ... AZRoRdAg==

Remove the following redirect chain if possible:
http://stpix.media6degrees.com/orbserv/ ... oduct-name
http://stpix.media6degrees.com/orbserv/ ... &cckz=true

I cannot see any of this in 'view-source' of the page, so if I can't see it how do I get rid of it and stop it being added again?!
It seems to be limited to product pages, not category or information pages.

I do not have any advertising on the site and am completely stuck as to what to do to resolve this.
Does it mean my site has been hacked?

Thanks in advance!


Post by labeshops » Fri Sep 30, 2016 11:48 pm

Looks like tracking pixels and sharethis sharing widget code. Did you install some mods for them? Look at the pages in your vqcache and see if they are added there - if so, there is a mod somewhere that is adding them when the pages are rendered.

Running Opencart v3.0.3.9 with multi-stores and the default template from https://www.labeshops.com which has links to all my stores.



Post by IP_CAM » Fri Sep 30, 2016 11:57 pm

One of those little loadtime-delaying Things usually happens to those crosslinking their Sites for free,
just to have a Shop Site full of such Crab, in the poor hope to get linked somewhere in return... :D
Just my personal feelings on such ! ;)
Ernie

My Github OC Site: https://github.com/IP-CAM
5'600 + FREE OC Extensions, on the World's largest private Github OC Repository Archive Site.



Post by debbiekipt » Sat Oct 01, 2016 12:11 am

Many thanks for your reply labeshops!
I have not installed any new mods and have nothing except Visitor Tracker installed to see visitors' clicks, but that has been installed for ages and the problem is recent.
There is a ShareThis button on each product page as part of Journal2 Theme, but that has again been installed for a long time and did not show up in redirects until now.

Sorry, I am not sure what I should be looking for in vqcache, but none of the code in the redirect lists shows up in my vqcache folder.

Ernie - thanks also for your thoughts! What is cross linking? I do not advertise or 'cross link' to any other sites as far as I know. (Sorry, not a techie as you may remember, having kindly helped me out before when I've been stuck! :clap: )


Post by artcore » Sat Oct 01, 2016 12:48 am

I'd run your site against sitecheck.sucuri.com and search in google for your 'domain.com' to see if either reports it as being unsafe or infected. I suspect malware injections so you should probably put your site offline to keep your clients safe and your rankings where they were...

Attn: I no longer provide OpenCart extensions, nor future support - this includes forum posts.
Reason: OpenCart version 3+ ;D

Thanks!



Post by IP_CAM » Sat Oct 01, 2016 1:06 am

debbiekipt wrote: Ernie - thanks also for your thoughts! What is cross linking, I do not advertise or 'cross link' to any other sites as far as I know.

Anything on your Site calling an OUTSIDE URL could be called crosslinking, as I define it. Unaware of how your Site looks, I cannot tell, but I am aware that many Users fill their Sites up with Facebook/Twitter/Instagram/etc. Banners and Links, and all those GIZMOS call some outside URL, to get images, hidden and visible, and/or other valuable Infos from your Site, in order to find out who's visiting your Place and calls which Pages.

And if scriptings are involved, like this 'ShareThis' on your Product Page, strictly technically, it's even possible that they get your Data, regardless of whether you have activated such Functions or not.
Quite similar to this, in your header.tpl, how many would really know what it does, and when ?!

<?php foreach ($analytics as $analytic) { ?>
<?php echo $analytic; ?>
<?php } ?>

<?php foreach ($scripts as $script) { ?>
<script src="<?php echo $script; ?>" type="text/javascript"></script>
<?php } ?>
If you know, what I'm trying to tell you ! :D

Good Luck, nothing personal ! ;)
Ernie


Post by debbiekipt » Sat Oct 01, 2016 6:24 pm

Thanks for your suggestion Artcore, thankfully all sites show as clear of malware and not on any blacklists via sitecheck.sucuri.net.
Also showing status 200 with no redirects via http://www.redirect-checker.org/index.php and https://developers.facebook.com/tools/debug/og/object/

I would have thought this was good, but wonder how can so many redirects be reported in GtMetrix but not in the other redirect checkers?

Ernie, thanks for your explanation of cross linking, though sorry, your latest comments go over my head so I do not know what you are trying to tell me. Could you kindly PM me the 'dummies' version? :-)

I have no banners or links to external sites on any of my sites, only the ShareThis buttons so people can like or share via FB etc and they have been there much longer than this issue.


Post by artcore » Sat Oct 01, 2016 6:56 pm

If you pm your url I'll run an audit for you. Basically a check for vulnerabilities down to server level.


Post by IP_CAM » Sat Oct 01, 2016 7:44 pm

debbiekipt wrote: Ernie, thanks for your explanation of cross linking, though sorry, your latest comments go over my head so I do not know what you are trying to tell me. Could you kindly PM me the 'dummies' version? :-)

Well, I just wanted to point out that basically anyone could create Extensions containing 'hidden' Things, and most Users would not be aware of what those Things could do in a system. Especially those getting extensions from fully unknown sources, just because those (stolen & paid) extensions are offered for free. It's a huge Market, and I wonder, actually, that not more happens already.

In addition, OC is likely being installed by a lot of Newbies, unaware of how to set up a comprehensive Software like OC to make it work in a secure way. This means that many risks are involved, by nature of things, we just have to accept this fact. But don't take it personally, I just mention ways how it can be done. It's the sole responsibility of each User to make as sure as possible that it won't happen. But not even Yahoo can be sure, to be sure, so we just have to accept the fact that the Web is not a very secure place to be, and act and prepare accordingly ! ;)
Ernie


Post by debbiekipt » Sat Oct 01, 2016 10:15 pm

Hi Ernie - thanks for taking the time to expand :-)

That still leaves me in the dark as to the cause though, as the only extensions I have installed are from OC extensions directory here, free and paid ones so they should all be OK, I'd have thought.

Journal2 theme was bought from Themeforest and used by many OC shops, so that should not be an issue.

Thanks for the offer Artcore, will PM you :-)


Post by IP_CAM » Sun Oct 02, 2016 1:11 am

Journal is not only a Theme, unfortunately, it also contains a huge amount of System Code, and many 'upgraded' versions of it seemingly exist (for some reason! :'( ), I therefore could not judge on its quality, I generally KEEP OFF such 'THEMES'. And it does not even have to be OC, there are other ways to enter a Server, and leave some Code.

My Advice: KILL everything on your Server, download a full copy of your DB, and check it entirely through, then start again, on a CLEAN PLATE, and with clean Software. It's the only way to make sure that nothing is left somewhere, possibly infecting your Shop again.
I know, it's a PRO Job, but it's a PRO Problem as well, and you need to solve it, in either way ! ;)

Good Luck!
Ernie


Post by debbiekipt » Sun Oct 23, 2016 12:13 am

Hi Everyone
Many thanks for your input on this and I wanted to update to let others know in the hope it helps someone.

The site was not hacked, ALL the redirects were caused by the ShareThis plugin included in the Journal 2 theme.
I have disabled the ShareThis plugin and all redirects have gone away.

ShareThis did promise to come back to me with a solution, but have not as yet.

Thanks again to everyone who posted!
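
An added example, not part of the original thread: a single-URL redirect checker only follows the document request, while a full page-load tool such as GTMetrix also records every request that scripts on the page trigger, which is how both results in this thread can be true at once. The sketch below rebuilds redirect chains from HAR 1.2 style entries (request.url, response.status, response.redirectURL) exported from a browser; the helper name auditRedirects and all hosts are assumptions made up for the example.

```javascript
// Build one simplified HAR 1.2 entry (only the fields used below).
const entry = (url, status, redirectURL = "") =>
  ({ request: { url }, response: { status, redirectURL } });

// Constructed sample of one product-page load; every host is a placeholder.
const sampleEntries = [
  entry("http://shop.example/product-name", 200),
  entry("http://widget.example/buttons.js", 200),
  entry("http://sync-a.example/beacon?p=1", 302, "http://sync-b.example/match?u=1"),
  entry("http://sync-b.example/match?u=1", 302, "/bounce?u=1"),
  entry("http://sync-b.example/bounce?u=1", 200),
  entry("http://pixel.example/b?c=7", 302, "http://pixel.example/b2?c=7"),
  entry("http://pixel.example/b2?c=7", 204),
];

// Normalise a URL; a relative redirect target is resolved against its issuer.
const resolve = (target, base) => new URL(target, base).href;

// Hypothetical helper: rebuild redirect chains from a flat entry list and
// report the document request separately from third-party chains.
function auditRedirects(entries, pageUrl) {
  const pageHost = new URL(pageUrl).hostname;
  const byUrl = new Map(entries.map((e) => [resolve(e.request.url), e]));
  const next = (e) => e.response.redirectURL
    ? resolve(e.response.redirectURL, e.request.url) : null;
  // URLs that another entry redirected to are hops, not chain starts.
  const targets = new Set(entries.map(next).filter(Boolean));
  const chains = [];
  for (const e of entries) {
    const start = resolve(e.request.url);
    if (!next(e) || targets.has(start)) continue;
    const hops = [];
    // Stop when the target was not captured or a URL repeats (redirect loop).
    for (let cur = e; cur && !hops.includes(resolve(cur.request.url));
         cur = next(cur) ? byUrl.get(next(cur)) : undefined) {
      hops.push(resolve(cur.request.url));
    }
    const hosts = [...new Set(hops.map((u) => new URL(u).hostname))];
    chains.push({ hops, hosts, thirdParty: hosts.some((h) => h !== pageHost) });
  }
  const doc = byUrl.get(resolve(pageUrl));
  return {
    documentStatus: doc ? doc.response.status : null,
    documentRedirected: chains.some((c) => c.hops[0] === resolve(pageUrl)),
    thirdPartyChains: chains.filter((c) => c.thirdParty),
  };
}
```

Comparing the hosts in thirdPartyChains before and after disabling one widget or extension shows which inclusion is responsible for them.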
